timesys.vigiles packages

timesys.vigiles.cves module

timesys.vigiles.cves.get_cve_info(cve_id, fields=None)

Access to this route requires a Vigiles prime subscription.

Get CVE info by CVE ID

Parameters:

  • cve_id (str) -- A valid CVE ID
  • fields (list of str , optional) --

    Limit the CVE data returned to the given fields. If none are specified, all are returned.

    Valid fields: "affected_configurations", "assigner", "description", "identifier", "impact", "modified", "problem_types", "published", "references"

Returns:

  • CVE data, optionally filtered to the requested fields

Return type:

  • dict

timesys.vigiles.cves.search_cves_by_product(cpe_product, version='', ids_only=False)

Access to this route requires a Vigiles prime subscription.

Get CVEs which affect given CPE Product and optionally filter by version

Parameters:

  • product (str) -- CPE Product (package_name) to search CVEs for
  • version (str , optional) -- Version of the product to filter results by, else all affected versions
  • ids_only (bool) -- Return list of CVE identifiers only, no descriptions. Default: False

Returns:

  • A list of CVE ids is returned if "ids_only" is true, otherwise a dictionary with CVE identifier keys and description values

Return type:

  • list or dict

timesys.vigiles.manifests module

timesys.vigiles.manifests.delete_manifest(manifest_token, confirmed=False)

Access to this route requires a Vigiles prime subscription.

Delete a manifest with the given token

This action cannot be undone. It requires passing True for the
'confirmed' keyword parameter to prevent accidental use.

Parameters:

  • manifest_token (str) -- Token of the manifest to be deleted

Returns:

  • success
    • True or False depending on result of operation
  • message
    • Reason when "success" is False. May refer to additional keys in response.

Return type:

  • dict

timesys.vigiles.manifests.get_latest_report(manifest_token, filter_results=False, extra_fields=None)

Access to this route requires a Vigiles prime subscription.

Download the latest report for a manifest with the given token.

Parameters:

  • manifest_token (str) -- Token of the manifest for which to fetch the latest report
  • filter_results (bool) -- Apply all filters to report if True, else only config filters. Default: False
  • extra_fields (list of str , optional) --

    Optionally extend CVE data included in report with any of the following fields: "assigner", "description", "impact", "modified", "problem_types", "published", "references"

Returns: Results of scan with keys:

  • manifest_token
    • Token of the manifest which was scanned
  • product_token
    • Token of the product that the manifest belongs to
  • folder_token
    • Token of the folder that the manifest belongs to
  • cves
    • list of dictionaries containing information about CVEs found in the scan, also referred to as the "report."
  • counts
    • Dictionary containing CVE counts with keys:
      • "fixed", "kernel", "toolchain", "unapplied", "unfixed", "upgradable", "not_affected"
  • date
    • Date the scan was performed
  • product_path
    • URL where the product can be viewed on the web.
  • report_path
    • URL where the report can be viewed on the web. The report token may also be split from the end of this string.

Return type:

  • dict

timesys.vigiles.manifests.get_manifest_file(manifest_token, sbom_format=None, file_format=None, sbom_version=None)

Access to this route requires a Vigiles prime subscription.

Get manifest data as a file

Response does not include other metadata such as product/folder tokens.

Parameters:

  • sbom_format (str , optional) --

    If specified, the server will convert the manifest data to the specified format.

    Acceptable formats are:

      • "spdx"
        • Convert the manifest to SPDX format before returning it

Returns:

  • The raw manifest file bytes

Return type:

  • bytes

timesys.vigiles.manifests.get_manifest_info(manifest_token, sbom_format=None, file_format=None, sbom_version=None)

Access to this route requires a Vigiles prime subscription.

Get manifest data along with metadata

Parameters:

  • sbom_format (str , optional) --

    If specified, the server will convert the manifest data to this format.

    Acceptable formats are:

      • "spdx"
        • Convert the manifest to SPDX format before returning it

Returns: Result of the request with keys:

  • manifest_token
    • Token representing the manifest
  • manifest_name
    • Name of the manifest with the given token
  • folder_token
    • Token representing a Folder the manifest belongs to
  • product_token
    • Token representing a Product the manifest belongs to
  • upload_date
    • Date the manifest was uploaded
  • manifest_data
    • Contents of the manifest. By default this is in the same format as it was uploaded, unless converted due to the "sbom_format" parameter

Return type:

  • dict

timesys.vigiles.manifests.get_manifests()

Access to this route requires a Vigiles prime subscription.

Get all manifests that are accessible by the current user

Product or folder tokens can be configured to limit results, but only one
may be provided. If configured on the llapi object, folder token takes
precedence.

Returns: Each manifest in the returned list is a dictionary with the following keys:

  • manifest_name
    • Name of the manifest
  • manifest_token
    • Token representing the manifest
  • product_token
    • Token representing the Product which the manifest belongs to
  • folder_token
    • Token representing the Folder which the manifest belongs to
  • upload_date
    • Date the manifest was uploaded

Return type:

  • list of dict

timesys.vigiles.manifests.get_report_tokens(manifest_token)

Access to this route requires a Vigiles prime subscription.

Get a list of report_tokens available for the given manifest_token

Parameters:

  • manifest_token (str) -- Token of the manifest for which to retrieve a list of available reports

Returns: A dictionary with meta info about the requested manifest and a list of report info dictionaries, each of which contains the keys:

  • "created_date", "report_token", "manifest_token", "manifest_version"

Return type:

  • dict

timesys.vigiles.manifests.rescan_manifest(manifest_token, rescan_only=False, filter_results=False, extra_fields=None)

Access to this route requires a Vigiles prime subscription.

Generate a new report for the given manifest_token

Parameters:

  • manifest_token (str) -- Token for the manifest to rescan
  • rescan_only (bool) -- If True, rescan the manifest but do not return the report data. Default: False
  • filter_results (bool) -- Apply all filters to report if True, else only config filters if available. Default: False
  • extra_fields (list of str , optional) --

    Optionally extend CVE data included in report with any of the following fields: "assigner", "description", "impact", "modified", "problem_types", "published", "references"

Returns: Results of scan with keys:

  • manifest_token
    • Token of the manifest which was scanned
  • product_token
    • Token of the product that the manifest belongs to
  • folder_token
    • Token of the folder that the manifest belongs to
  • cves
    • list of dictionaries containing information about CVEs found in the scan, also referred to as the "report."
  • counts
    • Dictionary containing CVE counts with keys:
      • "fixed", "kernel", "toolchain", "unapplied", "unfixed", "upgradable", "not_affected"
  • date
    • Date the scan was performed
  • report_path
    • URL where the report can be viewed on the web. The report token may also be split from the end of this string.
  • exported_manifest
    • The manifest data in SPDX format

Return type:

  • dict

timesys.vigiles.manifests.upload_manifest(manifest, kernel_config=None, uboot_config=None, manifest_name=None, subfolder_name=None, filter_results=False, extra_fields=None, upload_only=False)

Upload and optionally scan a manifest

If a product_token is configured on the llapi object, it will be used as the upload location.
Otherwise, the default is "Private Workspace."

If both a product_token and folder_token are configured on the llapi object, the folder will
be the upload location.

A subfolder name can optionally be supplied in order to upload to or create a folder under the
configured product and folder. This will then be the upload target for the given manifest.
This is not supported for "Private Workspace".

Parameters:

  • manifest (str) -- String of manifest data to upload
  • kernel_config (str , optional) -- Kernel config data used to filter out CVEs which are irrelevant to the built kernel
  • uboot_config (str , optional) -- Uboot config data used to filter out CVEs which are irrelevant to the built bootloader
  • manifest_name (str , optional) -- Name to give the new manifest. If not provided, one will be generated and returned.
  • subfolder_name (str , optional) -- If given, a new folder will be created with this name under the configured product or folder, and the manifest will be uploaded to this new folder. If the subfolder already exists, it will be uploaded there. Not supported for "Private Workspace" Product.
  • filter_results (bool) -- True to apply all configured filters to scan results, False to apply only kernel and uboot config filters. Default: False. Note: These filters are configured through the Vigiles web interface.
  • extra_fields (list of str , optional) --

    Optionally extend CVE data included in report with any of the following fields: "assigner", "description", "impact", "modified", "problem_types", "published", "references"
  • upload_only (bool) -- If true, do not generate an initial CVE report for the uploaded manifest. Default: False

Returns: Results of scan with keys:

  • manifest_token
    • Token of the manifest which was scanned
  • product_token
    • Token of the product that the manifest belongs to
  • folder_token
    • Token of the folder that the manifest belongs to
  • cves
    • list of dictionaries containing information about CVEs found in the scan, also referred to as the "report."
  • counts
    • Dictionary containing CVE counts with keys:
      • "fixed", "kernel", "toolchain", "unapplied", "unfixed", "upgradable", "not_affected"
  • date
    • Date the scan was performed
  • report_path
    • URL where the report can be viewed on the web. The report token may also be split from the end of this string.
  • exported_manifest
    • The manifest data in SPDX format

Return type:

  • dict
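
A build-pipeline gate over the result dictionary documented above for upload_manifest, rescan_manifest and get_latest_report, as an added example that is not part of the timesys package. The names gate_scan and report_token_from_path are hypothetical, the sample result, tokens and URL are constructed, and the count values are assumed to be integers.

```python
from urllib.parse import urlsplit

# Count keys listed under "counts" in the documented result dictionary.
COUNT_KEYS = ("fixed", "kernel", "toolchain", "unapplied",
              "unfixed", "upgradable", "not_affected")


def report_token_from_path(report_path):
    """Split the report token from the end of report_path."""
    path = urlsplit(report_path).path.rstrip("/")
    token = path.rsplit("/", 1)[-1]
    if not token:
        raise ValueError("report_path has no trailing token")
    return token


def gate_scan(result, limits=None):
    """Return (passed, reasons); fail closed when count data is missing."""
    limits = limits if limits is not None else {"unfixed": 0, "unapplied": 0}
    counts = result.get("counts")
    if not isinstance(counts, dict):
        # Happens when no report came back, e.g. upload_only or rescan_only.
        return False, ["no counts in result; no report was returned"]
    reasons = []
    for key, limit in limits.items():
        if key not in COUNT_KEYS:
            raise KeyError(f"unknown count key: {key}")
        value = counts.get(key)
        if not isinstance(value, int):  # assumption: counts are integers
            reasons.append(f"count '{key}' missing from result")
        elif value > limit:
            reasons.append(f"{key}: {value} exceeds limit {limit}")
    return not reasons, reasons


# Constructed sample shaped like the documented return value (made-up values).
SAMPLE_RESULT = {
    "manifest_token": "EXAMPLE-MANIFEST-TOKEN",
    "counts": {"fixed": 4, "kernel": 1, "toolchain": 0, "unapplied": 2,
               "unfixed": 3, "upgradable": 1, "not_affected": 5},
    "report_path": "https://vigiles.example.invalid/reports/EXAMPLE-REPORT-TOKEN",
}

if __name__ == "__main__":
    ok, why = gate_scan(SAMPLE_RESULT)
    print("PASS" if ok else "FAIL", why,
          report_token_from_path(SAMPLE_RESULT["report_path"]))
```

The extracted report token is the value that download_report and compare_reports take as input.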

timesys.vigiles.folders module

timesys.vigiles.folders.get_folders()

Access to this route requires a Vigiles prime subscription.

Get all folders that are owned by the current user.

If a product token is configured on the llapi object, only folders belonging
to that product will be returned.

Returns: List of folder information dictionaries with keys:

  • "folder_token", "folder_name", "folder_description", "creation_date", "product_token"

Return type:

  • list of dict

timesys.vigiles.products module

timesys.vigiles.products.create_product(product_name, product_description=None)

Access to this route requires a Vigiles prime subscription.

Create a new product for the current user

Parameters:

  • product_name (str) -- Name for the new product
  • product_description (str , optional) -- Description for the new product

Returns:

  • name
    • Name of product
  • description
    • Description of product
  • token
    • Token of the new product

Return type:

  • dict

timesys.vigiles.products.get_product_info(product_token=None)

Access to this route requires a Vigiles prime subscription.

Get product information from a product_token

If a token is passed, it will be used.
If no token is passed, but a product_token is configured on the llapi object, it will be used.
If neither are provided, an Exception will be raised.

Parameters:

  • product_token (str , optional) -- Token of the product to retrieve info for

Returns:

  • name
    • Name of product
  • description
    • Description of product
  • token
    • Token for the product
  • is_default
    • True if product is default product for user, otherwise False
  • created
    • Date that the product was created

Return type:

  • dict

timesys.vigiles.products.get_products()

Access to this route requires a Vigiles prime subscription.

Get product info for all products available to the current user

Returns: List of product information dictionaries which contains keys:

  • "name", "description", "token"

Return type:

  • list of dict

timesys.vigiles.reports module

timesys.vigiles.reports.compare_reports(token_one, token_two, remove_not_affected=False, filter_results=False)

Access to this route requires a Vigiles prime subscription.

Get comparison between report token_one and report token_two

Parameters:

  • token_one (str) -- Token of the first CVE report
  • token_two (str) -- Token of the second CVE report
  • remove_not_affected (bool) -- Remove Not Affected CVEs from the report if True
    • Default: False
  • filter_results (bool) -- Apply all filters to report if True, else only kernel and uboot config filters if configs have been uploaded.
    • Default: False

Returns: Results of comparison with keys:

  • resolved
    • List of CVEs resolved between the reports
  • new
    • List of new CVEs between the reports

Return type:

  • dict

timesys.vigiles.reports.download_report(report_token, format=None, filter_results=False)

Access to this route requires a Vigiles prime subscription.

Get a CVE report as a file from the given report token

Parameters:

  • token (str)
    • The token of the CVE report to download
  • format (str)
    • What file format to return from the following: "csv", "pdf", "pdfsummary", "xlsx"
  • filter_results (bool)
    • True to apply all configured filters to scan results, False to apply only kernel and uboot config filters, if configs have been uploaded.
    • Default: False

Returns:

  • file data -- CVE Report data in bytes from the requested file type

Return type:

  • bytes